Extra PepperoniChris Pepper's Ramblings & Rants (a personal site)2016-09-11T17:48:32-04:00Chris Pepperurn:md5:948c810e581a9b49829c997247c8c049DotclearAustin BBQurn:md5:2f63d1e1026ea03d0de66b96e0bb11fb2015-11-20T14:28:00-05:002015-12-07T19:03:52-05:00Chris Pepper <p><strong>Achievement unlocked</strong> I flew to Austin, TX for the SC15 conference. I had two personal goals: to eat BBQ for lunch or dinner every day, and to stay within Austin. Aside from visits to small towns around Austin (Wimberly for crafts, Johnson City for LBJ's home, and Driftwood for the Salt Lick), I accomplished my goals. I asked friends for recommendations and got a few; over 7 days I had BBQ 9 times, from 8 places. The only failure was Franklin.</p>
<p><a href="http://www.reppep.com/~pepper/images/austin/acc.jpeg"><img src="http://www.reppep.com/~pepper/images/austin/acc-thumb.jpeg" alt="Austin Convention Center" /></a></p>
<ul>
<li>Sat: <a href="http://www.ironworksbbq.com/">Iron Works BBQ</a></li>
<li>Sun: <a href="http://www.stilesswitchbbq.com/">Stiles Switch BBQ &amp; Beer</a> (better than Iron Works)</li>
<li>Mon: <a href="http://www.saltlickbbq.com/">Salt Lick</a> (Driftwood, TX)</li>
</ul>
<p><a href="http://www.reppep.com/~pepper/images/austin/salt-lick.jpeg"><img src="http://www.reppep.com/~pepper/images/austin/salt-lick-thumb.jpeg" alt="Salt Lick" /></a></p>
<ul>
<li><p>Tue: Brazilian all-you-can-eat meat (steak) dinner, then <a href="http://www.rudysbbq.com/page/home">Rudy's</a> takeout (token brisket) at another party.</p></li>
<li><p>Wed: <a href="http://www.labarbecue.com/">la barbecue</a> (lunch, uncrowded), with dinner at the <a href="https://drafthouse.com/">Alamo Drafthouse</a> (Spectre @ the Ritz)</p></li>
</ul>
<p><a href="http://www.reppep.com/~pepper/images/austin/la-barbecue.jpeg"><img src="http://www.reppep.com/~pepper/images/austin/la-barbecue-thumb.jpeg" alt="la barbecue" /></a>
<a href="http://www.reppep.com/~pepper/images/austin/ritz.jpeg"><img src="http://www.reppep.com/~pepper/images/austin/ritz-thumb.jpeg" alt="ritz" /></a></p>
<ul>
<li>Thu: <a href="http://www.micklethwaitcraftmeats.com/About-Us.html">Micklethwait Craft Meats</a> (late lunch); <a href="http://www.blacksbbq.com/">Black's</a> takeout (token brisket) at the <a href="https://en.m.wikipedia.org/wiki/Darrell_K_Royal-Texas_Memorial_Stadium">Texas Longhorns stadium</a>.</li>
</ul>
<p><a href="http://www.reppep.com/~pepper/images/austin/micklethwait-1.jpeg"><img src="http://www.reppep.com/~pepper/images/austin/micklethwait-1-thumb.jpeg" alt="micklethwait 1" /></a>
<a href="http://www.reppep.com/~pepper/images/austin/blacks.jpeg"><img src="http://www.reppep.com/~pepper/images/austin/blacks-thumb.jpeg" alt="blacks" /></a>
<a href="http://www.reppep.com/~pepper/images/austin/stadium.jpeg"><img src="http://www.reppep.com/~pepper/images/austin/stadium-thumb.jpeg" alt="stadium" /></a></p>
<ul>
<li>Fri: We arrived at <a href="http://franklinbarbecue.com/">Franklin BBQ</a> at 10:40, and the line looked reasonable, but the hostess told us that we'd get food at 2pm. This was absurd and too late for our 2:30 flight, so we walked to Micklethwait for another excellent lunch (first order when they opened at 11am).</li>
</ul>
<p><a href="http://www.reppep.com/~pepper/images/austin/franklin.jpeg"><img src="http://www.reppep.com/~pepper/images/austin/franklin-thumb.jpeg" alt="franklin" /></a>
<a href="http://www.reppep.com/~pepper/images/austin/micklethwait-2.jpeg"><img src="http://www.reppep.com/~pepper/images/austin/micklethwait-2-thumb.jpeg" alt="micklethwait 2" /></a></p>
<p><strong>Yum!</strong></p>http://www.extrapepperoni.com/post/2015/11/Austin-BBQ#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1597The Doubleclicks at The Way Station, with Sarah Donner, April 4, 2014urn:md5:c81a7036a11bbb5f8fa52881168238872014-04-04T20:00:00-04:002014-05-07T17:11:00-04:00Chris Peppermusic <p><a href="https://www.flickr.com/photos/chrispepper/sets/72157643472364423/">Photos</a></p>
<p><a href="http://www.sarahdonner.com">Sarah Donner</a> opened:</p>
<ol>
<li><a href="https://www.youtube.com/watch?v=mPeLDSvZGlg">Rogue</a></li>
<li><a href="http://www.youtube.com/watch?v=3fv7cAGAtu8">Heartbreaker</a></li>
<li><a href="http://www.youtube.com/watch?v=lzTSMMUogvk">Bitches You Can Steal My Shit</a></li>
<li><a href="http://www.youtube.com/watch?v=1u2ynDQmqbg">The Motherfucking Pterodactyl</a> (see also <a href="http://theoatmeal.com/pterodactyl_video">the Oatmeal's great animated video</a>)</li>
<li>The Rebuttal of Schroedinger's Cat (no video available)</li>
<li><a href="http://www.youtube.com/watch?v=jv6j_082QqE">The Kickstarter Song</a></li>
<li><a href="http://www.youtube.com/watch?v=tPb7F0W6IPo">With Pride</a></li>
<li><a href="http://www.youtube.com/watch?v=Hsnz521FACw">Signal</a></li>
<li><a href="http://www.youtube.com/watch?v=2oMKtxs6Jzg">Going under (in a Way)</a></li>
<li><a href="http://www.youtube.com/watch?v=lZ9vWmiA1IE">All My Guns</a></li>
</ol>
<p>Then <a href="http://www.thedoubleclicks.com">The Doubleclicks</a> played:</p>
<ol>
<li><a href="http://www.youtube.com/watch?v=itx6Drm4ILM">Will They or Won't They</a></li>
<li><a href="https://www.youtube.com/watch?v=cPMTky6_hlU">Worst Superpower Ever</a></li>
<li><a href="http://www.youtube.com/watch?v=OEf64B0Crm8">Cats and Netflix</a></li>
<li><a href="http://www.youtube.com/watch?v=xYqe0YagY70">Lasers and Feelings</a></li>
<li><a href="http://www.youtube.com/watch?v=S8nzBX_byKI">A Lullaby for Mr. Bear (adult version)</a></li>
<li><a href="http://www.youtube.com/watch?v=MPen0aayiF8">Wonder (Wonder Woman Song)</a></li>
<li><a href="http://www.youtube.com/watch?v=eMaYdXqCLOQ">Ennui (on We Go)</a></li>
<li><a href="http://www.youtube.com/watch?v=9esMyLc3tOg">Nothing to Prove</a></li>
<li><a href="http://www.youtube.com/watch?v=c90wv9RJkN8">Something Else</a></li>
<li><a href="https://www.youtube.com/watch?v=SaqA6H1hbFg">This Fantasy World</a></li>
<li><a href="https://www.youtube.com/watch?v=UaHCAM_JCkE">Velociraptor</a> (?)</li>
<li><a href="http://www.youtube.com/watch?v=M_PC0jx-THY">I Love You Like a Burrito</a> (with special guest)</li>
</ol>http://www.extrapepperoni.com/post/2014/05/The-Doubleclicks-at-The-Way-Station%2C-with-Sarah-Donner%2C-April-4%2C-2014#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/15834th St. NiteOwls, Freddy's, March 29th, 2014urn:md5:e1387d5d532943b8b8a9db3b6117cf032014-03-29T23:00:00-04:002014-05-07T00:57:23-04:00Chris Peppermusic <p>Gavin played with the NiteOwls at Freddy's.</p>
<p><a href="https://www.flickr.com/photos/chrispepper/sets/72157643162855604/">Photos</a></p>
<ol>
<li><a href="http://www.youtube.com/watch?v=a5J2L1WZCq8">Jack I'm Mellow</a></li>
<li><a href="http://www.youtube.com/watch?v=9oLDlrodAZw">Breaking the Ice</a></li>
<li><a href="http://www.youtube.com/watch?v=AUto5aSjDZs">Busy Bee</a></li>
<li><a href="http://www.youtube.com/watch?v=FzcSwAHWU_g">A Sin to Tell a Lie</a></li>
<li><a href="http://www.youtube.com/watch?v=_03XOMEB50U">When Day is Done</a></li>
<li><a href="http://www.youtube.com/watch?v=gGdQyXyeK3M">Louisiana Fairy Tale</a></li>
<li><a href="http://www.youtube.com/watch?v=oTMqddsTiec">Crazy about My Baby</a></li>
<li><a href="http://www.youtube.com/watch?v=vKXejVahf6s">A Porter's Love Song to a Chambermaid</a></li>
<li><a href="http://www.youtube.com/watch?v=oHA93qWJnQ8">Nagasaki</a></li>
<li><a href="http://www.youtube.com/watch?v=YBhy46CX3ZM">Bloodshot Eyes</a></li>
<li><a href="http://www.youtube.com/watch?v=-paA7_aFzqI">Diga Diga Do</a></li>
<li><a href="http://www.youtube.com/watch?v=4hM_CNHv0JM">Honeysuckle Rose</a></li>
<li><a href="http://www.youtube.com/watch?v=CLCC2s4VWWY">Jerry the Junker</a></li>
<li><a href="http://www.youtube.com/watch?v=bkrouMOi6XY">Happy Birthday</a></li>
</ol>http://www.extrapepperoni.com/post/2014/03/4th-St.-NiteOwls%2C-Freddy-s%2C-March-29th%2C-2014#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1582Solaris patching is broken because Oracle is dumb and irresponsibleurn:md5:2071c960ff19948a324309d8ace814a82013-06-26T10:09:00-04:002013-06-26T11:04:49-04:00Chris PepperSolaris <p>I am setting up a Solaris 10 system, starting from S10U10 (Solaris 10 Update 10) as a starting point to match another server. Solaris includes a registration wizard that comes up automatically after installation, but it doesn't work. Oracle updated their whole online patching system when they took over from Sun and broke the old built-in patching tools. Unfortunately the procedure to update an old system is completely byzantine.</p>
<p>You have this problem if the graphical Solaris Registration Wizard says &quot;Error in SCN/Cacao Update License&quot; when you register, or the <code>smpatch</code> command errors out like this:</p>
<pre><code>-bash-3.2# smpatch analyze
Error: Unable to download document : &quot;xml/motd.xml&quot;
Cannot connect to retrieve motd.xml: Authorization Required
Failure: Cannot connect to retrieve current3.zip: Authorization Required
-bash-3.2# cat /etc/release
Oracle Solaris 10 8/11 s10x_u10wos_17b X86
Copyright (c) 1983, 2011, Oracle and/or its affiliates. All rights reserved.
Assembled 23 August 2011
</code></pre>
<p>If you kept your Solaris system patched during the transition period you were presumably fine, as hopefully they released client updates before the took down the old backend, but old systems like my new install get stuck.</p>
<p>I opened a case with Oracle Support who searched their internal database and gave me an irrelevant answer. The real fix is to run <code>sconadm</code> manually -- which entails manually creating a (simple) <code>RegistrationProfile.properties</code> file per the instructions in the <code>sconadm(1M)</code> manual page, <strong>embedding your Oracle Support username and password in the file because Oracle cannot do security</strong>, registering, and then immediately deleting the file.</p>
<p>Then <code>smpatch</code> installed a bunch of patches and choked on <code>147993-05 SunOS 5.10_x86: Pidgin libraries patch</code>. The patch instructions say to install <code>SUNWgnome-im-client-root</code> from the installation DVD. Our X4500s don't actually have DVD drives -- why can't I just download this package from <a href="https://support.oracle.com/">https://support.oracle.com/</a>? It turns out <strong><code>SUNWgnome-im-client-root</code> is not on <code>sol-10-u10-ga2-x86-dvd.iso</code></strong>, but it is available on <code>sol-10-u11-ga-x86-dvd.iso</code>.</p>
<pre><code>-bash-3.2# smpatch update -i 147993-05
Installing patches from /var/sadm/spool...
Failed to install patch 147993-05.
Utility used to install the update failed with exit code 15.
Validating patches...Loading patches installed on the system...Done!Loading patches requested to install.Done!The following requested patches have packages not installed on the systemPackage SUNWgnome-im-client-root from directory SUNWgnome-im-client-root in patch 147993-05 is not installed on the system. Changes for package SUNWgnome-im-client-root will not be applied to the system.Checking patches that you specified for installation.Done!Approved patches will be installed in this order:147993-05 Checking installed patches...Executing prepatch script...No SUNWgnome-im-client-root package can be found. The SUNWgnome-im-client-rootpackage must be installed before applying this patch.Please see the patch README NOTE 1 for information on installing SUNWgnome-im-client-root.The prepatch script exited with return code 1.Patchadd is terminating.
Jun 26 09:54:09 dhcp-172-21-230-215 root: [ID 702911 user.alert] =&gt; com.sun.patchpro.util.PatchBundleInstaller@1342a67 &lt;=Failed to install patch 147993-05.
Failed to install patch 147993-05.
ALERT: Failed to install patch 147993-05.
/var/sadm/spool/patchpro_dnld_2013.06.26@09:54:03:EDT.txt has been moved to /var/sadm/spool/patchproSequester/patchpro_dnld_2013.06.26@09:54:03:EDT.txt
</code></pre>
<p>Then I just had to manually install one more patch which <code>smpatch</code> refused to, and I was current. Good Times(TM)!</p>http://www.extrapepperoni.com/post/2013/06/Solaris-patching-is-broken-because-Oracle-is-dumb-and-irresponsible#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1568iptables: connlimiturn:md5:a06e2c971e285d8efbe83d286c3604362013-03-21T16:00:00-04:002013-03-21T16:53:45-04:00Chris Peppersecurity <p>Today we were effectively subjected to a DDoS attack by a badly behaved client raiding one of our web servers. We decided to rate-limit HTTP connections, which turned out to be pleasantly simple.</p>
<p>I replaced our old <code>iptables</code> rule to allow HTTP connections:</p>
<pre><code>-A INPUT -j ACCEPT -p tcp --dport 22
</code></pre>
<p>with 2 new rules:</p>
<pre><code>-A INPUT -j ACCEPT -p tcp --dport 80 -s xxx.yyy.0.0/16 --syn -m connlimit ! --connlimit-above 20
-A INPUT -j ACCEPT -p tcp --dport 80 --syn -m connlimit ! --connlimit-above 5 --connlimit-mask 24
</code></pre>
<p>The first rule allows any on-campus user to make 20 simultaneous connections. The second rule prevents external clients from making more than 5 at a time. They can make as many connections as they want <em>in series</em>, but if a web crawler attempts to open 6 connections without closing any, the 6th will time out. Slick!</p>
<p><a href="http://www.cyberciti.biz/faq/iptables-connection-limits-howto/">Thanks to nixcraft for the details!</a></p>http://www.extrapepperoni.com/post/2013/03/iptables%3A-connlimit#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1559Jill Sobule with Sex Mob at Union Hall, 2/15/2013urn:md5:26287c4bfdd7c99a6651de1dc7e597c22013-02-15T23:30:00-05:002013-03-29T00:34:25-04:00Chris Peppermusic <p><a href="http://www.colinmcgrath.com">Colin McGrath</a> opened. The oddest moment of the night was when he told us he had never heard Jill before, but sound check was great.</p>
<p><a href="http://jillsobule.com">Jill</a> played with <a href="http://www.stevenbernstein.net/sm-news">Sex Mob</a>, who she apparently first heard at the old <a href="http://www.knittingfactory.com">Knitting Factory</a> and is now touring with. They were excellent.</p>
<p><a href="http://www.flickr.com/photos/chrispepper/sets/72157632793751932/">Photos</a></p>
<ol>
<li><a href="http://youtu.be/3Tf5tButhdY">Palm Springs</a></li>
<li><a href="http://youtu.be/bpMA5PjRCNo">Barren Egg</a></li>
<li><a href="http://youtu.be/g8GWimVK6Sk">When They Say We Want Our America back, What the F#¥k Do They Mean?</a></li>
<li><a href="http://youtu.be/bppUKN3L3Qc">Joey</a></li>
<li><a href="http://youtu.be/oPv44x5X3qo">I Kissed a Girl</a></li>
<li>Kickstarter rap</li>
<li><a href="http://youtu.be/bQcPZ8LNOhQ">Filthy Little Devils</a></li>
<li><a href="http://youtu.be/dg1bF8-Qk5M">Raleigh Blue Chopper</a></li>
<li><a href="http://youtu.be/wYcwHiZVuCc">Angel/Asshole</a></li>
<li><a href="http://youtu.be/nMlD-zbAe_0">Smoke Dreams</a></li>
<li><a href="http://youtu.be/heut4FwgLYE">Cinnamon Park</a></li>
<li><a href="http://youtu.be/-Od0rAmqm4k">Rocky Mountain Way</a></li>
<li><a href="http://youtu.be/Gjywrshst8U">Sunrise Sunset</a></li>
<li><a href="http://youtu.be/f2r-tyJEsTI">Resistance Song</a></li>
<li><a href="http://youtu.be/Bs8n1PbB3kM">Modern Drugs</a></li>
<li><a href="http://youtu.be/zVA0d_J1dTE">Jetpack</a></li>
<li><a href="http://youtu.be/ZLDSGWMHXUY">Nothing to Prove</a></li>
<li>Steve's joke</li>
<li><a href="http://youtu.be/bzoiAeNe_tQ">Attic</a></li>
<li><a href="http://youtu.be/SXIpY7E2Gxg">Jill's joke</a> (her first ever onstage?)</li>
<li><a href="http://youtu.be/Xh_bfQMPQTY">Lucy at the Gym</a></li>
<li><a href="http://youtu.be/NeR2s_ohetw">When My Ship Comes in</a></li>
<li><a href="http://youtu.be/58OSDbuclDU">Lucky in Love</a></li>
</ol>http://www.extrapepperoni.com/post/2013/02/Jill-Sobule%2C-Union-Hall%2C-2/15/2013#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1555Dell DRAC & Macsurn:md5:e1da24d37d7dae91ddc1bd6185ff49742013-01-22T13:53:00-05:002013-01-22T14:55:52-05:00Chris PepperDell <p>We have been vexed by Dell's lack of Mac compatibility for some time, but things have gotten better lately. Our problems are specifically with DRAC's virtual console feature.</p>
<p>The virtual console on our R910 (iDRAC 6) was incompatible with the Mac keyboard layout. We could bring up a virtual console but the characters on-screen did not match keys pressed. Our workarounds were a) to connect to a Linux system via VNC and run Firefox there, or b) to connect from a Linux or Windows VM running on the Mac. Imagine my surprise when I tried last week and the keyboard worked properly! We haven't updated the iDRAC firmware on that system lately, so presumably this was fixed in Java, but it's a major improvement.</p>
<p>Second, when I tried to bring up the the virtual console on an R820 I got an uninformative timeout. Some helpful Dell folks pointed me to v1.30.30 of the iDRAC 7 firmware, which adds Mac Safari compatibility.</p>
<p>To get v1.30.30, search for your service tag on <a href="http://support.dell.com/">http://support.dell.com/</a>, select ESM (Embedded Systems Management), and choose the 'Application' <code>.exe</code> download. Only choose one item to download, or Dell requires you to use Akamai's download manager, which doesn't work for me. The <code>.exe</code> file appears to be a self-extracting <code>.zip</code> archive, so just <code>unzip</code> it and feed <code>firmimg.d7</code> to the iDRAC 7 Firmware Update page.</p>http://www.extrapepperoni.com/post/2013/01/Dell-DRAC-Macs#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1551Blowhole Theater Winterlude 2013 at Barbesurn:md5:810a3b54779d4cc58126460d1cacf6752013-01-11T00:30:00-05:002013-01-15T16:57:13-05:00Chris Peppermusic <p><a href="http://www.facebook.com/events/471109436269077/?ref=22">The Blowhole Theater Winterlude 2013</a> was at Barbes January 10th.</p>
<p><a href="http://www.flickr.com/photos/chrispepper/sets/72157632500090719/">Photos</a></p>
<p><a href="http://dittycommittee.com/">Ditty Committee</a> played:</p>
<ol>
<li>Unicorn Farts</li>
<li><a href="http://youtu.be/87fuR4g8BwI">Grand Larceny</a></li>
<li><a href="http://youtu.be/XvjxZnZMDDI">Your Drunk Wife</a></li>
<li><a href="http://youtu.be/jKRels1VZ4Q">The Ditty Committee Almost Knows the Alphabet</a></li>
<li><a href="http://youtu.be/3-25ICkbM2c">Meat &amp; Money, Inc.</a></li>
<li><a href="http://youtu.be/X53Y9pdkXkQ">Ice Cream Truck</a></li>
<li><a href="http://youtu.be/54pWWsFWu-U">Song of the Week</a></li>
<li><a href="http://youtu.be/tsM_sW6x7W4">Landfill Harmonic</a></li>
</ol>
<p><a href="http://youtu.be/t2G6fceWIQw">Ed Pastorini played a few songs with vocal assistance from Don Ralph</a>. I didn't catch any titles, unfortunately.</p>
<p><a href="http://youtu.be/YnzI0yKo1r8">Virpi arrived</a> just in time to participate in a Blowhole ritual.</p>
<p>Don Ralph, Gavin Smith, &amp; Susan Hwang performed 3 pieces:</p>
<ol>
<li><a href="http://youtu.be/41YBclPGRPc">The Whole Thing down</a></li>
<li><a href="http://youtu.be/I_bVZrexLcU">Foul Pies</a></li>
<li><a href="http://www.youtube.com/watch?v=WYi0slQ7X68">Mobile Wash Unit</a></li>
</ol>http://www.extrapepperoni.com/post/2013/01/Blowhole%2C-2013/01/10-at-Barbes#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/15504th Street NiteOwls at Barbes, 2012/09/20urn:md5:c1d281d8687770655d991ce73d838cde2012-09-20T22:00:00-04:002012-10-01T16:38:07-04:00Chris Peppermusic <p>Gavin played clarinet with the <a href="https://www.facebook.com/4thStNiteOwls">NiteOwls</a> tonight.</p>
<h2><a href="http://www.flickr.com/photos/chrispepper/sets/72157631608802429/">Photos</a></h2>
<h2>Videos</h2>
<ol>
<li>Diga Diga Do</li>
<li>Jack I'm Mellow</li>
<li>Honeysuckle Rose</li>
<li>Breakin' the Ice</li>
<li>Crazy 'bout my Baby</li>
<li>Making Whoopie</li>
<li>Have a Little Dream on Me</li>
<li><a href="http://youtu.be/a6fNBplUT0o">Bloodshot Eyes</a></li>
<li><a href="http://www.youtube.com/watch?v=FwyZLOiurVY">Louisiana Fairy Tale</a></li>
<li><a href="http://youtu.be/uX6usGmp7to">Jerry the Junker</a></li>
<li><a href="http://youtu.be/FC-Rdcz9pTo">Ninety One in the Shade</a></li>
<li><a href="http://youtu.be/RgR5vvgGyME">Staying Alive</a></li>
<li><a href="http://youtu.be/WBFtKfejveQ">Nagasaki</a></li>
<li><a href="http://youtu.be/cVCwr1m1gKI">Cross Patch</a></li>
<li><a href="http://youtu.be/FyQMP4b1pzE">When Day is Done</a></li>
<li><a href="http://youtu.be/Rg3wCEnmie4">It's a Sin to Tell a Lie</a></li>
<li><a href="http://youtu.be/RGs4dZXtT9E">I Wish I Were Twins</a></li>
</ol>
<p>Previous shows:</p>
<ul>
<li><a href="http://www.extrapepperoni.com/post/2011/07/4th-St-NiteOwls%2C-July-1-2011%2C-Barbes">Barbes, July 1, 2011</a></li>
<li><a href="http://www.flickr.com/photos/chrispepper/sets/72157625595250706/">Two Boots, 2010/12/10</a></li>
</ul>http://www.extrapepperoni.com/post/2012/09/4th-Street-NiteOwls-at-Barbes%2C-2012/09/10#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1539James & Sharon Gerberurn:md5:7c309fb084d20fedae5c3a8e5bbde35b2012-05-19T17:00:00-04:002012-05-21T09:39:11-04:00Chris Pepperpeople <p>Our good friends James &amp; Sharon got married Saturday in Rhinecliff, NY. It was a beautiful day with lovely people. The official photos by <a href="http://fedorovfoto.com/">Alex Fedorov</a> aren't up yet, but <a href="http://smug.reppep.com/Weddings/James-Sharon-Gerber/">my photos</a> are up (thank you Rich, Julia, &amp; Amy for assistance).</p>
<p>Ask me or the Gerbers for the password. You can also upload photos to this gallery (with a different URL &amp; password).</p>
<p><a href="http://smug.reppep.com/Weddings/James-Sharon-Gerber/">http://smug.reppep.com/Weddings/James-Sharon-Gerber/</a></p>
<p>My toast:</p>
<blockquote>
<p>I have known James almost 30 years, since he gave me a tour of his high school and convinced me to go there. In retrospect I see that tourguide role as early days for an outgoing and friendly actor. In high school James and I became closer as members of a fairly tight-knit group (<em>cough</em> gamers), which stayed together through college and as we returned to NYC afterwards. But James is the only one I'm still in regular contact with -- partially because he is still in town, but really because he's a great friend.</p>
<p>A few weeks ago I told Julia (hi Julia!) that I was having lunch with James. She told me that everybody could use more time with James, and she wasn't even mad at me for seeing James when she had to be in school. Thanks, kiddo!</p>
<p>I still remember the day James told me that he had made some comment about &quot;A good day to die&quot; or perhaps it was &quot;A good day to move!&quot; to a girl, and she had texted back &quot;k'plah!&quot; James and I agreed: this girl was a keeper. That was several years ago, but Sharon has proven to be much more than just a pretty face with a passing knowledge of Klingon.</p>
<p>Whenever a mutual friend asks how James is doing, I say he seems to have found his ideal match, and it's great to see how good they are for each other. We wish you guys all happiness!</p>
<p>As parents, Amy and I take turns going to grown-up parties like birthdays. Whenever I go to a James &amp; Sharon thing, Amy asks me how everything went. I tell her it was nice to see today's stars, of course [nod], and that their friends are consistently interesting and pleasant to hang around with. I'm sure there's a quote about knowing the quality of someone's character by their friends, but I can't recall it. But thank you guys for all being a good bunch, too!</p>
<p>James, Sharon, we love you guys. We are so happy to see you together.</p>
</blockquote>http://www.extrapepperoni.com/post/2012/05/James-Sharon-Gerber#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1505MC Frontaloturn:md5:c9381fabc5360aeb384ae62c5dbb024a2012-05-04T22:00:00-04:002012-05-21T16:28:10-04:00Chris Peppermusic <p>As a Hannukah/Christmas present, Amy took me to see <a href="http://www.mcfrontalot.com/">MC Frontalot</a> at <a href="http://bk.knittingfactory.com/">Knitting Factory Brooklyn</a>. We were impressed by <a href="http://schafferthedarklord.com/">Schaffer the Darklord</a>, fled the unintelligible noise of <a href="http://maththeband.tumblr.com/">Math the Band</a>, and didn't stay for the Wheatus, the headliners. In preparation, I played a bunch of Frontalot for Amy, which was useful -- it was much easier to enjoy music where we knew the words, as they were often difficult to hear.</p>
<p>The show was a success -- Amy is now a fan.</p>http://www.extrapepperoni.com/post/2012/05/MC-Frontalot#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1507Isilon Notes, 2012 Editionurn:md5:065261b8d7b8a0972c9a7138c3775f392012-04-27T14:41:00-04:002012-05-10T11:16:28-04:00Chris Peppercomputersisilon <h2>General</h2>
<ul>
<li>Isilon provides templates for <a href="http://www.nagios.org/">Nagios</a>, which you should use. Unfortunately Nagios cannot distinguish serious problems (failed disk) from trivia (quota violations &amp; bogus warnings).</li>
</ul>
<h2>Hardware</h2>
<ul>
<li>Isilon's current units are either 2U (12-bay 200 series) or 4U (36-bay 400 series).</li>
<li>The new NL400-108 nodes are similar enough to the older 108NL nodes that they pool together. The 108NLs are dual-socket 16gb nodes based on the 72000x chassis, which is an upgrade from the 36000x chassis. This makes them much faster than the older single-core 36NLs &amp; 72NLs.</li>
<li>As of OneFS v6.0(?), Isilon nodes no longer use the VGA keyboard &amp; mouse console. Instead they use the serial port exclusively as console, although the VGA port does display some booting messages. In 2011, a USB connection to a KVM made a node reboot until we disconnected USB.</li>
<li>Every node is assigned a device ID when it is joined to the cluster. All alerts are tagged with the device ID of the node reporting the event. Device IDs are never reused, so if a chassis fails and is swapped out, the replacement will get a new device ID, but the old node's hostname. If this happens to you, you may want to use <code>isi config</code> (with advice from Isilon Support) to change the hostname to match the device ID. With a large or dynamic cluster it might just be better to ignore device IDs and let the node names run in a contiguous sequence.</li>
</ul>
<h2>Jobs</h2>
<ul>
<li>Isilon's job engine is problematic. Only one job runs at a time, and jobs are not efficiently parallelized.</li>
<li>MultiScan combines Collect and AutoBalance jobs.</li>
<li>During the Mark phase of Collect (or MultiScan), with snapshots enabled, delete is <strong>slow</strong> and can cause NFS timeouts.</li>
<li>It is fine for non-disruptive jobs to run in the background for long periods, and it is understandable for high-priority jobs to briefly impact the cluster, but there are too many jobs (SmartPools, AutoBalance, Collect, MultiScan) which have a substantial impact on performance for long periods.</li>
<li>There are enough long-running jobs that it's easy to get into a cycle where as soon as one finishes another resumes, meaning a job is always running and the cluster never actually catches up. It took months for us to get this all sorted out so the jobs run safely in the background and don't interfere badly.</li>
<li>When a drive does not respond quickly, Isilon logs a 'stall' in <code>/var/log/messages</code>. Stalls trigger &quot;group changes&quot;, which can trigger jobs. Group changes also disrupt jobs including MultiScan, AutoBalance, &amp; MediaScan from completing. The workaround is to tune <code>/etc/mcp/override/sysctl.conf</code> per Isilon Support.</li>
<li>The default job priorities were dysfunctional for us. We had to alter priorites for AutoBalance, SnapshotDelete, SmartPools, and QuotaScan, and frequency for at least SmartPools. This improved somewhat in v6.5.</li>
<li>To tweak job priority, do <strong>not</strong> redefine an existing priority. This caused problems as the change cascaded to other jobs. Define a new priority instead.</li>
</ul>
<h2>Batch Jobs</h2>
<ul>
<li><code>/etc/mcp/templates/crontab</code> is a cluster-wide crontab; field #6 is username.</li>
</ul>
<h2>Support &amp; Diagnostics</h2>
<ul>
<li>By default, Isilon's main diagnostic command, <code>isi_gather_info</code>, builds a tarball of configuration and logs and uploads it to EMC. This took over 15 minutes on our clusters. To make this quicker, change &quot;Gather mode&quot; to Incremental under Help:Diagnostics:Settings.</li>
<li>Isilon does not actually maintain an HTTP upload server, so uncheck HTTP upload to avoid a wasted timeout.</li>
<li>When a node crashes it logs a core in <code>/var/crash</code>, which can fill up. Upload the log with '<code>isi_gather_info -s &quot;isi_hw_status -i&quot; -f /var/crash</code>' on the affected node before deleting it.</li>
</ul>
<h2>Network &amp; DNS</h2>
<ul>
<li>Isilon is &quot;not compatible&quot; with firewalls, so client firewalls must be configured to allow all TCP &amp; UDP ports from Isilon nodes &amp; pools back to NFS clients (and currently SNMP consoles).</li>
<li>Specifically, there is a bug where SNMP responses come from the node's primary IP. <code>iptables</code> on our Nagios console dropped responses which came from a different IP than Nagios queried.</li>
<li>To use SmartConnect you must <em>delegate</em> the Isilon domain names to the SmartConnect resolver on the cluster. We were unable to use DNS forwarding in BIND with this delegation active.</li>
</ul>
<h2>NFS</h2>
<ul>
<li>By default Isilon exports a shared large <code>/ifs</code> filesystem from all nodes. They suggest mounting with <code>/etc/fstab</code> options <code>rw,nfsvers=3,rsize=131072,wsize=524288</code>.</li>
</ul>
<h2>CIFS</h2>
<ul>
<li>Migrating an IP to another node disconnects CIFS clients of that IP.</li>
<li>CIFS clients should use their own static SmartConnect pools rather than connecting to dynamic SmartConnect pools (for NFS clients).</li>
</ul>
<h2>Load Balancing</h2>
<ul>
<li>Rather than real-time load balancing, Isilon handles load-balancing through its built-in DNS server (SmartConnect: Basic or Advanced). Because this happens at connection time, the cluster cannot manage load between clients which are already connected, except via &quot;<code>isi networks --sc-rebalance-all</code>&quot;, which shuffles server-side IPs in to even out load. Unfortunately OneFS (as of v6.5) does not track utilization statistics for network connections, so it cannot intelligently determine how much traffic each IP represents. This means only Round Robin and Connection Count are suitable for &quot;IP failover policy&quot; (rebalancing) -- &quot;Network Throughput&quot; &amp; &quot;CPU Usage&quot; don't work.</li>
<li>High availability is handled by reassigning IPs to different nodes in case of failure. For NFS this is seamless, but for CIFS this causes client disconnection. As a result CIFS clients must connect to static pools, and &quot;<code>isi networks --sc-rebalance-all</code>&quot; should never be run on clusters with CIFS clients (there is apparently a corresponding command to rebalance a single pool, suitable for manual use on each dynamic pool).</li>
</ul>
<h2>Quotas</h2>
<ul>
<li>Some of the advantage of the single filesystem is lost because it is impossible to move files from one quota under another. This forces us to copy (<code>rsync</code>) and then delete as if each quota were its own mount point.</li>
<li>For user quota reporting, each user should have an account (perhaps via LDAP or AD) on the cluster.</li>
<li>For user quota notifications, each user must have an email mapping (we created aliases to route machine account quota notifications to the right users).</li>
</ul>
<h2>Bugs</h2>
<ul>
<li>The user <code>Enable</code> checkbox disables all login access (but preserves UID mappings for quota reports). Unchecking it blocks both <code>ssh</code> and CIFS/SMB access and clears the user password.</li>
<li>You cannot create a user with a home directory that exists (even with <code>--force</code>). Workaround: move the directory aside before creating the user, or create with a bogus homedirectory (which can only be used once) and use &quot;<code>isi auth local user modify</code>&quot; to fix after creation.</li>
<li>Don't use more than 8 SyncIQ policies (I don't know if this bug has been fixed).</li>
<li>Gateways and priorities are not clear, but if there are 2 gateways with the same priority the cluster can get confused and misbehave. The primary gateway should have the lowest priority number (1).</li>
<li>We heard one report that advisory quotas on a SyncIQ target cluster caused SyncIQ errors.</li>
<li>If you configure two gateways with the same priority, the cluster can get confused and misbehave.</li>
<li>In at least one case, advisory quotas on a SyncIQ target disrupted SyncIQ.</li>
<li>The Virtual Hot Spare feature appears to reserve twice as many drives as are specified in the UI, and they do not work as described.</li>
</ul>
<h2>Support</h2>
<ul>
<li>Support is very slow. SLAs apparently only apply to parts delivery -- our 4-hour service does not prevent Isilon from saying they will answer questions in a few days.</li>
<li>Support is constantly backlogged. Callback times are rarely made and cases are often not followed up unless we call in to prod Support.</li>
<li>My process for opening a case looks like this:
<ol>
<li>Run <code>uname -a; isi_hw_status -i; isi_gather_info</code>.</li>
<li>Paste output from first 2 commands and gather filename into email message.</li>
<li>Describe problem and send email to support@.</li>
<li>A while later we get a confirmation email with a case number.</li>
<li>A day or two later I get tired of waiting and phone Isilon support.</li>
<li>I punch in my case number from the acknowledgement.</li>
<li>I get a phone rep and repeat the case number.</li>
<li>The phone rep transfers me to a level 1 support rep, who as a rule cannot answer my question.</li>
<li>The L1 rep tries to reach an L2 rep to address my question. They are often unable to reach anyone(!!!), and promise a callback as soon as they find an L2 rep.</li>
<li>As a rule, I do not receive a callback.</li>
<li>Eventually I give up on waiting and call in again.</li>
<li>I describe my problem a third time.</li>
<li>The L1 tech goes off to find an answer.</li>
<li>I may have to call back in and prod L1 multiple times (there is no way for me to reach L2 directly).</li>
<li>Eventually I get an answer. This process often takes over a week.</li>
</ol></li>
<li>Support provides misinformation too often. Most often this is simple ignorance or confusion, but it appears to be EMC policy to deny that <em>any</em> problem affects multiple sites.</li>
</ul>
<h2>Commands</h2>
<p>For manual pages, use an underscore (<em>e.g.,</em> <code>man isi_statistics</code>). The command line is much more complete than the web interface but not completely documented. Isilon uses <code>zsh</code> with customized tab completion. When opening a new case include output from &quot;<code>uname -a</code>&quot; &amp; &quot;<code>isi_hw_status -i</code>&quot;, and run <code>isi_gather_info</code>.</p>
<ul>
<li><code>isi_for_array -s</code>: Execute a command on all nodes in in order.</li>
<li><code>isi_hw_status -i</code>: Node model &amp; serial number -- include this with every new case.</li>
<li><code>isi status</code>: Node &amp; job status. <code>-n#</code> for particular node, <code>-q</code> to skip job status, <code>-d</code> for SmartPool utilization; we use <code>isi status -qd</code> more often.</li>
<li><code>isi statistics pstat --top</code> &amp; <code>isi statistics protocol --protocol=nfs --nodes=all --top --long --orderby=Ops</code></li>
<li><code>isi networks</code></li>
<li><code>isi alerts list -A -w</code>: Review all alerts.</li>
<li><code>isi alerts cancel all</code>: Clear existing alerts, including the throttled critical errors message. Better than the '''Quiet''' command, which can suppress future errors as well.</li>
<li><code>isi networks --sc-rebalance-all</code>: Redistribute SmartConnect IPs to rebalance load. Not suitable for clusters with CIFS shares.</li>
<li><code>du -A</code>: Size, excluding protection overhead, from an Isilon node.</li>
<li><code>du --apparent-size</code>: Size, excluding protection overhead, from a Linux client.</li>
<li><code>isi devices</code>: List disks with serial numbers.</li>
<li><code>isi snapshot list --schedule</code></li>
<li><code>isi snapshot usage | grep -v '0.0'</code></li>
<li><code>isi quota list --show-with-no-overhead</code> | <code>isi quota list --show-with-overhead</code> | <code>isi quota list --recurse-path=/ifs/nl --directory</code></li>
<li><code>isi quota modify --directory --path=/ifs/nl --reset-notify-state</code></li>
<li><code>isi job pause MultiScan</code> / <code>isi job resume MultiScan</code></li>
<li><code>isi job config --path jobs.types.filescan.enabled=False</code>: Disable MultiScan.</li>
<li><code>isi_change_list</code> (unsupported): List changes between snapshots.</li>
<li><code>sysctl -n hw.physmem</code>: Check RAM.</li>
<li><code>isi device -a smartfail -d 1:bay6</code> / <code>isi devices -a stopfail -d 1:bay6</code> (<code>stopfail</code> is not normally appropriate)</li>
<li><code>isi devices -a add -d 12:10</code>: Use new disk in node 12, bay 10.</li>
<li><code>date; i=0; while [ $i -lt 36 ]; do isi statistics query --nodes=1-4 --stats=node.disk.xfers.rate.$i; i=$[$i+1]; done</code> # Report disk IOPS(?) for all disks in nodes 1-4 -- 85-120 is apparently normal for SATA drives.</li>
<li><code>isi networks modify pool --name *$NETWORK*:*$POOL* --sc-suspend-node *$NODE*</code>: Prevent $POOL from offering $NODE for new connections, without interfering with active connections. <code>--sc-resume-node</code> to undo.</li>
<li><code>isi_lcd_d restart</code>: Reset LEDs.</li>
<li><code>isi smb config global modify --access-based-share-enum=true</code>: Restrict SMB shares to authorized users (global version); <code>isi smb config global list | grep access-based</code>: verify (KB #2837)</li>
<li><code>ifa isi devices | grep -v HEALTHY</code>: Find problem drives.</li>
<li><code>isi quota create --path=$PATH --directory --snaps=yes --include-overhead --accounting</code></li>
<li><code>cd /ifs; touch LINTEST; isi get -DD LINTEST | grep LIN; rm LINTEST</code>: Find the current maximum LIN.</li>
</ul>http://www.extrapepperoni.com/post/2012/04/Isilon-Tips#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1501Skyrim Tipsurn:md5:a47ed8a5f2f5d18534e4cd32b25952e72012-04-26T20:53:00-04:002012-05-21T08:30:18-04:00Chris Peppercomputers <ul>
<li>Use the Wait button to detect nearby enemies -- if you can wait, the area is clear.</li>
<li>Do <strong>not</strong> improve unimportant skills. Enemy toughness is based on your overall level. So, for instance, if you raise your Alchemy from 0 to 100, your overall level might go up and all enemies might as well. In terms of combat, it's good to have the lowest overall level but the strongest combat skills you're actively using, along with whatever auxiliary skills you prefer (such as smithing &amp; enchanting for your gear). On the other hand, loot is also leveled...</li>
<li>Many companions (those who start with bows) won't use superior bows in combat, although they will use hand-to-hand weapons &amp; armor you provide. They will also use better arrows; give your companion one of your best arrow -- they never use it up, and you can police them off dead enemies. Companions often tend to choose the wrong weapon or armor -- you might need to take away one piece to make them reconsider.</li>
<li>Weapons matter much more for companions than armor because they generally cannot be killed.</li>
<li>Don't give your companion a staff if you have a horse (or dog?). They're sloppy and liable to start a fight by accidentally attacking your pet.</li>
<li>Most dungeons loop back to end by the entrance. Find chests (or other containers), periodically dump all the stuff you don't need soon -- I normally do this before going through a portal to another section -- and sweep back through after you have cleared the whole dungeon to get your loot.</li>
<li>To level Smithing, create iron daggers. To level Enchanting, enchant them with Banish (this is how I use up all my Petty Soul Gems). Then sell them for all the money you'll ever need.</li>
<li>Pick a type of weapon and a type of armor and specialize. I picked Archery and Heavy Armor, although if I had known that Light Armor can (eventually) provide the maximum Armor Rating I might have picked that instead.</li>
<li>Find a chest you must steal from that's easy to get to. You can stash stolen goods in it and have your companion steal them to launder the items, removing the <strong>Stolen</strong> flag.</li>
<li>If you get the wrong soul in a gem, drop it on the ground to empty it.</li>
<li>The <a href="http://www.uesp.net/wiki/Skyrim:Skyrim">Unofficial Elder Scrolls Wiki</a> seems to be the best reference.</li>
<li>On Xbox 360 scrolling gets faster briefly if you use <em>both</em> the left thumbstick and the D-pad to move up or down.</li>
<li>Don't bother exploring and clearing dungeons unless you're on a mission -- if you do, you will probably have to run through it again as part of a quest later.</li>
</ul>
<h2>Problems</h2>
<ul>
<li>Some quests are broken. I cannot complete the Companions questline because I need to kill someone who I already killed; I cannot start the Bards questline because I already spoke to the head of the College and now he won't say his line.</li>
<li>The inventory system is broken. Normally when you remove something the next item down pops up under the cursor, but sometimes the next item above is selected instead. This is carried over from Fallout.</li>
<li>The Stolen system is broken. It seems like items of the same type (and graphic) are supposed to stack, with Stolen items (marked &quot;Stolen&quot; in your inventory, but colored red instead in containers) on top. So you should always be able to grab the stolen items and leave a stack of un-hot items behind. But the ordering doesn't work right. It would be <strong>much</strong> better if Stolen and non-Stolen items didn't stack together.</li>
<li>The 'Cleared' flag on a dungeon means it was cleared -- it does <em>not</em> mean it's still clear.</li>
</ul>http://www.extrapepperoni.com/post/2012/04/Skyrim-Tips#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1500iOS Multilauncherurn:md5:f99be1eefeb23cf5a69b325e92e30d232012-01-31T15:00:00-05:002012-01-31T15:55:54-05:00Chris PepperiPod / iPhone <p>Several times a day on my iPhone, I tap: Home, Mail, Home, <a href="http://tapbots.com/software/tweetbot/">Tweetbot</a>, Home, <a href="http://reederapp.com/">Reeder</a>, <a href="http://www.instapaper.com/">Instapaper</a>. Then I repeat the cycle, this time waiting for each to finish fetching updates and then reading what they fetched (and clipping to Instapaper from Tweetbot &amp; Reeder) before finally ending up in Instapaper.</p>
<p>I do this in the morning and when emerging from the subway; I perform a variation before entering the subway and giving up 3G, and often when exiting WiFi coverage. On the iPad I have a similar routine, swapping <a href="https://twitter.com/#!/download/iphone">Twitter</a> &amp; <a href="http://flipboard.com/">Flipboard</a> for Tweetbot.</p>
<p>This is annoying! I am wasting my time on stupid button-mashing with substantial built-in delays -- especially on 3G.</p>
<p>Apple's highly effective sandbox security model, combined with iOS's much-appreciated simplicity (specifically Apple's restrictions on background tasks), mean I cannot use a <code>cron</code> type program to update these apps on a schedule (as I used to do on my Treo 650 for <a href="http://www.plkr.org/">Plucker</a>), and there is no 'wrapper' program which can tell them all to update.</p>
<p>Fortunately there is a way! Apple supports <a href="http://tapbots.com/blog/development/tweetbot-url-scheme">URL schemes for inter-application communication</a>, and these apps use such URLs to communicate with each other -- mostly to clip articles, tweet, and send email. There is even a specification for bidirectional communication: <a href="http://x-callback-url.com/">x-callback-url</a>.</p>
<p>Imagine an app named Multilauncher, designed to drive other apps in series via URL schemes. It could register the URL scheme 'multilauncher://', and come with a list of known and supported applications -- each with its own URL scheme, and preferably 'linkback' support.</p>
<p>So on my iPhone, in Multilauncher's settings, I could configure:</p>
<ol>
<li>Mail</li>
<li>Tweetbot</li>
<li>Reeder</li>
<li>Instapaper</li>
</ol>
<p>On my iPad, I might configure:</p>
<ol>
<li>Mail</li>
<li>Twitter</li>
<li>Reeder</li>
<li>Flipboard</li>
<li>Instapaper</li>
</ol>
<p>I would tap Multilauncher, which would then invoke each of the specified apps. For non-callback apps (such as Mail.app) I would hit Home once they had a chance to update, and return to Multilauncher manually. Even better, though, cooperating apps could automatically relaunch Multilauncher, enabling a string of application launches &amp; updates without manual intervention. On my iPhone, Multilauncher might launch URLs such as:</p>
<ol>
<li>mailto:</li>
<li>tweetbot://x-callback-url/return?x-source=multilauncher://tweetbot</li>
<li>reeder://x-callback-url/return?x-source=multilauncher://reeder</li>
<li>instapaper://x-callback-url/return?x-source=multilauncher://instapaper</li>
</ol>
<p>Of course Multilauncher would record what it launched last, so it could resume the sequence even without help from other apps.</p>
<h2>Extra Credit</h2>
<p>I don't know believe Apple currently supports launching apps from push messages or notifications, but I would be happy to subscribe to a (cheap) service to send my iPhone &amp; iPad push messages in the morning, triggering Multilauncher so those apps could all have an opportunity to update themselves. Repeat shortly before the end of my workday. Set a timer and send a push message 6 hours after the last update. In unattended mode skip over uncooperative apps like Mail to avoid getting stuck in the sequence...</p>
<p>Wouldn't it be neat if the Reminder app knew when we passed in and out of 3G and WiFi coverage? It could update every time I enter WiFi, and when regaining coverage after 30+ minutes off the air. Update at the subway exits I routinely use.</p>
<p>Somebody please build it!</p>
<p>I am aware of <a href="http://pepperdogsoft.com/switcher/">App Switcher</a> but it is designed as an interactive launcher -- not what I want.</p>http://www.extrapepperoni.com/post/2012/01/iOS-Multilauncher#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1478Big Balls' premiere & Les Sans Culottes at The Rock Shopurn:md5:f2c8b148d3d587cace7efb6d185b0c1b2012-01-13T00:15:00-05:002012-01-22T21:14:13-05:00Chris Peppermusic <p>Thursday night at The Rock Shop, Out of Order opened. I didn't really see their set.</p>
<p>Then Big Balls, an AC/DC cover band, played their premier show -- AC/DC's entire first album <em>High Voltage</em> and the first song from their second: &quot;Dirty Deeds Done Dirt Cheap&quot;.</p>
<p>Finally Les Sans Culottes played an excellent set.</p>
<ol>
<li><a href="http://youtu.be/4Tf84SKUM_U">Monsters</a></li>
<li><a href="http://youtu.be/CokbCQba2xQ">Allô Allô</a></li>
<li><a href="http://youtu.be/JqVNPg6WAH0">Chaussures</a></li>
<li><a href="http://youtu.be/L9xCzdeRuNI">Gangsteur d’Amour</a></li>
<li><a href="http://youtu.be/0eLabeCbP80">Boots</a></li>
<li><a href="http://youtu.be/xKb5TlTE5k4">Je Suis Content</a></li>
<li><a href="http://youtu.be/-I8J16kS9_s">F.U.C. Something</a></li>
<li><a href="http://youtu.be/C4amzX77elM">Les Cactus</a></li>
<li><a href="http://youtu.be/rkN-xJto-Cg">Jour du Vélo</a></li>
<li><a href="http://youtu.be/JKSaVvnnpzY">Magic Bag</a></li>
<li><a href="http://youtu.be/9VymWqwF080">Téléphone Douche</a></li>
<li><a href="http://youtu.be/s7Kk4cnATHg">Hypocrite Lecteur</a></li>
</ol>
<p>Encores: <a href="http://youtu.be/WcOInVa284E">Ecole du Merde</a> &amp; <a href="http://youtu.be/T_0154sy_Tk">Shuba Duba Luba</a></p>http://www.extrapepperoni.com/post/2012/01/Big-Balls-premiere-Les-Sans-Culottes-at-The-Rock-Shop#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1475Molly Does Not Approve, Pianos, September 20, 2011urn:md5:9d53b990896b25dd46a132b168b2aff62011-09-20T22:00:00-04:002011-09-25T19:37:57-04:00Chris Peppermusic <p>Molly Mae and the latest iteration of her disapproval played Pianos again, with new guitarist Peter Goodrich and guest <a href="http://www.listen2chevonne.com/">Chevonne</a> on vocals &amp; keyboards. <a href="http://www.myspace.com/boquiver">The Micks</a> opened. Interestingly I hear Peter's guitar more clearly in the video.</p>
<h2><a href="http://www.flickr.com/photos/chrispepper/sets/72157627718088332/">Photos</a> (including The Micks)</h2>
<h2>Videos</h2>
<ol>
<li><a href="http://www.youtube.com/watch?v=3P_MZX1Mmbg">Good Lookin'</a></li>
<li><a href="http://www.youtube.com/watch?v=SSfFtrLamIk">I Wanna Have Your Baby</a></li>
<li><a href="http://www.youtube.com/watch?v=TiyGkGOaL9s">Social Worker</a></li>
<li><a href="http://www.youtube.com/watch?v=C7br8QATHlA">Pinup Girl</a></li>
<li><a href="http://www.youtube.com/watch?v=GcfFnNlY24I">Cancao Brasileira</a></li>
<li><a href="http://www.youtube.com/watch?v=c5gTiYqbq4A">Garter Belt</a>, by Chevonne</li>
<li><a href="http://www.youtube.com/watch?v=WYAWvyI4qrA">Stop Stealing My Shit</a></li>
</ol>http://www.extrapepperoni.com/post/2011/09/Molly-Does-Not-Approve%2C-Pianos%2C-September-20%2C-2011#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1449Upright Piano Brigade 4x2: Marc Peloquin & David Del Tredici at Barbesurn:md5:f410ed0f6671cf30b50f315a23a632722011-09-08T21:00:00-04:002011-09-14T22:21:13-04:00Chris Peppermusic <p><a href="http://www.marcpeloquin.com/">Marc Peloquin</a> played at <a href="http://barbesbrooklyn.com/">Barbes</a>, with <a href="http://www.daviddeltredici.com/">David Del Tredici</a> -- half pieces by David, and much of it four hands. <a href="http://www.extrapepperoni.com/post/2011/09/dennis@dennistobenski.com">Dennis Tobenski</a> was also present.</p>
<p><a href="http://www.flickr.com/photos/chrispepper/sets/72157627496871905/">72 photos</a></p>
<ol>
<li>Marc &amp; David: <a href="http://www.youtube.com/watch?v=1k2Ni5D_HZs">Dolly Suite, Op. 56</a>, Gabriel Fauré</li>
<li>Marc: <a href="http://www.youtube.com/watch?v=O8GbGvSUZH0">Novelette No. 1</a>, Robert Schumann</li>
<li>Marc: <a href="http://www.youtube.com/watch?v=EvaaHG0br08">Song Suite: Four Songs</a>, Ned Rorem (transcribed for piano solo by Marc)</li>
<li>Marc: <a href="http://www.youtube.com/watch?v=PHe95p_7QTg">Growl</a>, Dennis Tobenski</li>
<li>Marc &amp; David: <a href="http://www.youtube.com/watch?v=ZFPoqpdMNZg">Suite, Op. 11</a>, David Del Tredici</li>
<li>David: <a href="http://www.youtube.com/watch?v=GFrACOLoQ-w">Fantasy on a Cherished Name (In Memoriam, Andrew Imbrie)</a>, David Del Tredici</li>
<li>Marc: <a href="http://www.youtube.com/watch?v=RvIWJcybiAI">Farewell, R.W.</a>, David Del Tredici</li>
<li>Marc &amp; David: <a href="http://www.youtube.com/watch?v=oh4MRB3Bhd4">Carioca Boy- Tango</a>, David Del Tredici</li>
</ol>http://www.extrapepperoni.com/post/2011/09/Marc-Peloquin-David-Del-Tredici-at-Barbes#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1443Cluster job distribution & general Isilon statusurn:md5:d85f3d8e56ca577640ee19607eb882432011-08-18T12:34:00-04:002011-08-18T12:51:38-04:00Chris Peppercomputersisilon <p>Users of our Isilon clusters need basic status information, so every 10 minutes our clusters run <code>status.sh</code> per <code>/etc/mcp/templates/crontab</code>. This provides a variety of useful information to users with access to the Isilon shared filesystem, and no need to provide shell access to the cluster nodes or remember the command syntax.</p>
<p>We now need to run some large/slow jobs, so I wanted a list of nodes in least-busy order. Obviously Isilon tracks this so SmartConnect can send connections to the least loaded node when using the &quot;CPU Usage&quot; connection policy, but it's not available to user scripts. The pipeline to provide a list of nodes sorted by lowest utilization to highest is applicable to all clusters, though -- just swap in the appropriate local cluster-wide execution command for <code>isi_for_array</code>.</p>
<h2><code>status.sh</code></h2>
<pre><code>#!/bin/sh
# Record basic cluster health information
PREFIX=/ifs/x/common/cluster/status
isi status &gt; $PREFIX/status.log
isi status -q -d &gt; $PREFIX/pool.log
isi job status -v &gt; $PREFIX/job.log
isi quota list &gt; $PREFIX/quota.log
isi quota list|grep -v :|grep -v default- &gt; $PREFIX/quota-short.log
isi snapshot list -l &gt; $PREFIX/snapshot.log
isi snapshot usage | tail -1 &gt; $PREFIX/snapshot-total.log
isi sync policy report | tail&gt; $PREFIX/synciq.log
isi_for_array -s uptime &gt; $PREFIX/uptime.log
isi_for_array uptime | tr -d :, | awk '{print $12, $1}' | sort -n | awk '{print $2}' &gt; $PREFIX/ordered-nodes.txt
</code></pre>http://www.extrapepperoni.com/post/2011/08/Cluster-job-distribution#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1439Brag 2011, with John Bianchiurn:md5:205cd4f111355742f140127e035b2da12011-08-12T23:00:00-04:002011-08-17T17:04:53-04:00Chris Pepperpictures <p>My old boss from the <a href="http://www.audubon.org/">National Audubon Society</a>, John Bianchi, played ukelele (actually banjo/uke -- someone else played traditional uke) at the Brag vaudeville show. It was fun, and surprisingly gender-bendy. Charles Goonan was the MC. He was funny, but spent too much time onstage -- considering the final acts had to cut to make time. Alas, iMovie ate much of my footage.</p>
<p><a href="http://reppep.com/~pepper/images/brag-2011.jpeg"><img src="http://reppep.com/~pepper/images/brag-2011-thumb.jpeg" alt="Brag 2011" /></a></p>
<p><a href="http://smug.reppep.com/Music/Brag-2011/18579301_8mgXwV">Photos</a></p>
<h2>Video of John</h2>
<ol>
<li><a href="http://www.youtube.com/watch?v=4b9QowDeUFs">The Sheik of Avenue B</a></li>
<li><a href="http://www.youtube.com/watch?v=qlncu9pO1xI">John Bianchi: With My Little Ukulele in My Hand</a></li>
</ol>
<h2>The Bill</h2>
<ol>
<li>Amazing Amy (contortions)</li>
<li>Stone and Stone (standup)</li>
<li>Vic Ruggiero (guitar)</li>
<li>Elena Giordano (dance)</li>
<li>Rosie Rebel</li>
<li>Leiybya Rogers (guitar)</li>
<li>D'yan Forest (ukelele)</li>
<li>Richard (Rosie)</li>
<li>Danny Cohen (standup)</li>
<li>Trixie (burlesque)</li>
<li>John Bianchi (banjo ukelele)</li>
<li>Rufus Khan (standup)</li>
<li>Vic Ruggiero &amp; the Slackers (with everyone)</li>
</ol>http://www.extrapepperoni.com/post/2011/08/Brag-2011#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1437OpenSSH is smart about cluster hostkeysurn:md5:6150db11a7f9d0c04561d4c18c368c992011-07-27T11:29:00-04:002011-07-27T11:39:26-04:00Chris Peppersshisilon <p>Normally, the first time you <code>ssh</code> to a new server, <a href="http://openssh.org/">OpenSSH</a> asks for permission to store the server's hostname (and IP) along with its unique <code>ssh</code> <code>hostkey</code> in <code>~/.ssh/known_hosts</code>. Then if the <code>hostkey</code> ever changes, either because the machine was rebuilt or because you're connected to a different machine (as would be the case if someone intercepted your connection, for instance...), OpenSSH complains loudly that something is hinky:</p>
<pre><code>pepper@teriyaki:~$ ssh cluster uname -a
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The DSA host key for cluster has changed,
and the key for the corresponding IP address 10.0.10.124
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the DSA host key has just been changed.
The fingerprint for the DSA key sent by the remote host is
f7:b0:d4:11:2c:6c:ec:be:96:f0:88:71:d9:26:20:0c.
Please contact your system administrator.
Add correct host key in /Users/pepper/.ssh/known_hosts to get rid of this message.
Offending key in /Users/pepper/.ssh/known_hosts:81
DSA host key for cluster has changed and you have requested strict checking.
Host key verification failed.
</code></pre>
<p>This is a nuisance with high-availability (HA) clusters, where multiple nodes may share a single hostname and IP. The first time you connect to a shared IP everything works and you store the hostkey for whichever node accepted your connection. Then it may continue to work for a long time, if you keep connecting to the same node. But when you get a different node at that IP, OpenSSH detects it's a different machine (<code>hostkey</code>), and either the connection fails (if it's non-interactive) or you get the scary warning (if it's interactive). To avoid this, the convention is to <code>ssh</code> directly into individual nodes for administration.</p>
<p>But some of our sequencers use <code>rsync</code>-over-<code>ssh</code> to export data to our Isilon storage clusters, so we had a problem. If we configured them to connect to the VIP (like NFS clients), things would break when they connected to different nodes. But if we configured them to connect to individual nodes, we'd lose failover -- if any Isilon node went down, all of 'its' clients would stop transferring data until it came back up.</p>
<p>I briefly considered synchronizing the <code>ssh</code> <code>hostkeys</code> between nodes, to avoid the <code>hostkey</code> errors, but this is poor security -- if each node has the same <code>hostkey</code>, it's easy for any node to eavesdrop on connections to all its peers with the same <code>hostkey</code>, and changing keys is disruptive.</p>
<p>Fortunately the OpenSSH developers are way ahead of me. If the <code>hostkey</code> is already on file as valid for a known host -- even if there are other conflicting keys on file for the same host -- OpenSSH accepts it.</p>
<p>To set this up, just <code>ssh</code> to each node, then append the cluster hostname and IPs to their entries in <code>~/.ssh/known_hosts</code> or <code>/etc/ssh/ssh_known_hosts</code>.</p>
<pre><code>cluster-1,10.0.10.101,cluster,10.0.10.121,10.0.10.122,10.0.10.123,10.0.10.124 ssh-dss AAAAB3NzaC1kc3MAAACBA...
cluster-2,10.0.10.102,cluster,10.0.10.121,10.0.10.122,10.0.10.123,10.0.10.124 ssh-dss AAAAB3NzaC1kc3MAAACBA...
cluster-3,10.0.10.103,cluster,10.0.10.121,10.0.10.122,10.0.10.123,10.0.10.124 ssh-dss AAAAB3NzaC1kc3MAAACBA...
cluster-4,10.0.10.104,cluster,10.0.10.121,10.0.10.122,10.0.10.123,10.0.10.124 ssh-dss AAAAB3NzaC1kc3MAAACBA...
</code></pre>http://www.extrapepperoni.com/post/2011/07/OpenSSH-is-smart-about-cluster-hostkeys#comment-formhttp://www.extrapepperoni.com/feed/atom/comments/1433